The High Priests of IT — And the Heretics

Though I’ve done time in corporate IT — and have even born the CIO title more than once — I’ve always had more sympathy for the firewall-breaking, virus-toting, data-leaking users than I have for the responsible and sober IT departments that struggle every day to keep the systems running while the users set out to dismantle it.

IT’s origins are in the priesthood of the mainframe — my father’s generation of geeks, who tended huge, centralized beasts that served the whole enterprise from their humming, air-conditioned sanctuaries. The priests met with management to determine what the business’s technology needs were, then filled those needs as best as they could, seeing to it that the cogs in the vast machine could each gain access to the forms and calculations they needed to perform in order to do their jobs.

Lutheranism came in the form of the PC, on which users, armed with programs like Lotus 1-2-3, could reformat, remix, and rejigger the numbers in ways that made sense to them, experimenting with new ways of achieving the outcomes they were charged with realizing. In many enterprises, this was a firing offense, as it involved taking precious data out of the company’s solidly built safe and copying it to a toy that you snuck in under your desk.

I’m told that commissioned salesforces were especially aggressive, since their paychecks depended on their individual performance, and they’d shift heaven and earth to maximize their returns, regardless of corporate policy. No one would fire the top sales-agent, even if she’d attained her dizzying heights by contravening corporate policy and sticking the data on a huge floppy and manipulating it on an Apple ][+ bought from the local mini-mall.

Good thing, too, of course. Today, every enterprise of reasonable size uses general-purpose, Internet-connected computers under the individual control of their operators, because the risks associated with allowing employees the increased latitude that comes with these machines is more than offset by the efficiency gains made by the flexibility and power at the edge.

And yet, the spiritual descendants of the brave heretics who risked everything to compute at the edge have now become the priesthood. Contemporary corporate IT’s top job is locking down the PC and the network, blocking users from installing their own apps, blocking them from accessing forbidden websites (nominally this is about blocking porn, but a dismaying number of workplaces also block IM, webmail, blogs, message-boards, and social networking services where employees might otherwise find useful, low-cost coordination with other employees, suppliers and customers), and spying on their every click and keystroke to capture the occasional bad egg who’s saying or doing something that could put the whole firm at risk.

Even universities have gotten in on the act, throttling or blocking access to the P2P networks that carry tens of millions of legitimate files, whose operation is the subject of legitimate inquiry by scholars of computer science, law, sociology, music and other disciplines.

The dirty secret of corporate IT is that its primary mission is to serve yesterday’s technology needs, even if that means strangling tomorrow’s technology solutions. The myth of corporate IT is that it alone possesses the wisdom to decide which technologies will allow the workers on the front line to work better, faster and smarter — albeit with the occasional lackluster requirements-gathering process, if you’re lucky.

The fact is that the most dreadful violators of corporate policy — the ones getting that critical file to a supplier using Gmail because the corporate mail won’t allow the attachment, the ones using IM to contact a vacationing colleague to find out how to handle a sticky situation, the incorrigible Twitterer who wants to sign up all his colleagues as followers through the work day — are also the most enthusiastic users of technology, the ones most apt to come up with the next out-of-left-field efficiency for the firm.

There has to be a way to bring those people inside the church, rather than going to war against them. I suspect the answer is in modern virtualization tools, which allow users to have a “clean” OS and environment that they use for in-compliance processing and work, and a “wild” sandbox where anything goes, each on separate network segments. Earning this setup would require demonstrating skill and desire to imagine new ways of getting the job done, and its use would be subject to regular, brief reports on lessons learned, techniques tried, failures and successes.

This turns heretics into missionaries, turns them into the living laboratory for all the solutions that will inform the firm’s tomorrow, while safeguarding the needs of today.

Cory Doctorow is a science fiction novelist, blogger and technology activist. He is the co-editor of the popular weblog Boing Boing, and a contributor to Wired, Popular Science, Make, The New York Times, and many other newspapers, magazines and websites. He was formerly Director of European Affairs for the Electronic Frontier Foundation, a non-profit civil liberties group that defends freedom in technology law, policy, standards and treaties. In 2007, he served as the Fulbright Chair at the Annenberg Center for Public Diplomacy at the University of Southern California. For more, please visit his profile page at Monitor Talent.

Cory Doctorow is a science fiction novelist, blogger and technology activist. He is the co-editor of the popular weblog Boing Boing, and a contributor to Wired, Popular Science, Make, The New York Times, and many other newspapers, magazines and websites.

Partner Center

The email and password entered aren’t matching to our records. Please try again, or reset your password. If you have a username from our previous site, start by using that. Please See our FAQ for more.

If you are signing in for the first time on the new HBR.org but have an existing account, please enter your existing user name and password to migrate your account.Please see Frequently Asked Questions for more information.